Individuals and organizations generally protect their computers and/or networks using a variety of software security systems, such as firewalls and antivirus systems. These security systems may automatically monitor activity on computers and/or networks, and detect potentially harmful, malicious, or otherwise abnormal activity. Security systems may require an administrator to respond to certain incidents.
Unfortunately, software security systems that protect large numbers of computers and/or large networks may generate commensurately large numbers of security incidents. Administrators may become overwhelmed by the sheer volume of incidents that require their attention. Even software security systems that protect only a single device, such as those protecting a personal computer, may require significant amounts of user intervention. The instant disclosure, therefore, identifies and addresses a need for systems and methods for responding to electronic security incidents.